The specific algorithm that the password hacking program implements depends on the password system’s design. Each password hacking program is usually designed to defeat one specific type of password protection. Cisco router passwords, Zip passwords, and Microsoft Word passwords are some examples.

When a cryptosystem is exposed to known ciphertext attacks, implementers must steer clear of conditions in which an enemy might be able to decrypt known ciphertexts. This can be more complex than it appears, as even incompletely known ciphertexts can allow attacks. Known ciphertext attacks, similar to other attacks, may be adaptive or non-adaptive. In a non-adaptive attack, the invader selects the ciphertext to decrypt beforehand and does not use the ensuing plaintexts to notify their preference for more ciphertexts. In an adaptive known ciphertext attack, the invaders make their ciphertext preferences adaptively, that is, depending on the outcome of former decryptions.

Dictionary Attacks

Dictionary attacks work by exploiting the fact that people often choose very simple passwords. A dictionary attack is simply when every word in the dictionary is tried as a possible password. Computer programs that automatically generate and try all the dictionary words exist.

More advanced dictionary attacks try variations or combinations of common dictionary words. One popular password variation is to replace the letter o with zeros and the letter i with ones. A popular combination is to use two short words with a number in the middle, such as “all4one” or “girl4me.”

Brute Force Attacks

If a dictionary attack fails to reveal a password, a brute force attack is still possible. A brute force attack is simply when every possible password is tried. Brute force attacks can take a long time, even for computers. The general rule is that the longer the possible password, the longer the brute force attack will take to run.